Senior Lead Application Security Engineer - Copperleaf Technologies Inc.

Key Responsibilities

• Architect and enforce secure application design across the product portfolio, ensuring compliance with industry standards such as OWASP Top 10 and NIST.
• Lead threat modeling workshops and risk assessments for new features, translating findings into actionable mitigation plans.
• Oversee penetration testing and code review processes, coordinating with DevOps to integrate security into CI/CD pipelines.
• Develop and maintain security policies, guidelines, and training materials for engineering teams.
• Collaborate with product, architecture, and cloud teams to embed security controls in AWS and hybrid environments.

Requirements

• 10+ years of experience in application security, with a proven track record in leading security initiatives.
• Deep knowledge of secure software development lifecycle, threat modeling, and OWASP methodologies.
• Hands‑on experience with penetration testing tools (e.g., Burp Suite, OWASP ZAP) and static/dynamic analysis.
• Strong understanding of cloud security, especially AWS security services and best practices.
• Excellent communication skills and ability to mentor and influence cross‑functional teams.